Published by Brian Hubbard. Modified over 9 years ago.
1
Dr. Bhavani Thuraisingham
The University of Texas at Dallas (UTD)
June 2015
Operations Security
2
Domain Objectives
– Protection and Control of Data Processing Resources
  – Media Management
  – Backups and Recovery
  – Change Control
– Privileged Entity Control
3
Control Categories
– Preventive
– Detective
– Corrective
– Deterrent
– Recovery
– Directive
– Compensating
4
Application-related Controls
– Transaction
– Input
– Processing
– Output
– Test
– Supervision / balancing
– Job-flow
– Logging
– Licensing
5
Operations Security Focus Areas
– Auditors
– Support staff
– Vendors
– Security
– Programmers
– Operators
– Engineers
– Administrators
6
Domain Agenda
– Resource Protection
– Continuity of Operations
– Change Control Management
– Privileged Entity Control
7
Facility Support Systems
– The support systems in centralized and decentralized operation centers must be protected
  – Hardware
  – Software
  – Storage media
  – Cabling
  – Physical security
8
Facility Support Systems (cont.)
– Fire protection
– HVAC
– Electrical power goals
9
Facility Support Systems (cont.)
– Water
– Communications
– Alarm systems
10
Media Management
– Storage
– Encryption
– Retrieval
– Disposal
11
Object Reuse
– Securely reassigned
– Disclosure
– Contamination
– Recoverability
12
Clearing of Magnetic Media
– Overwriting
– Degaussing
– Physical destruction
13
Media Management Practices
– Sensitive Media Controls
  – Destroying
  – Marking
  – Labeling
  – Handling
  – Storing
  – Declassifying
14
Misuse Prevention
Threats | Countermeasures
Personal use | Acceptable use policy, workstation controls, web content filtering, email filtering
Theft of media | Appropriate media controls
Fraud | Balancing of input/output reports, separation of duties, verification of information
Sniffers | Encryption
15
Records Management
– Consideration for records management program development
– Guidelines for developing a records management program
– Records retention
16
Domain Agenda
– Resource Protection
– Continuity of Operations
– Change Control Management
– Privileged Entity Control
17
Adequate Software & Data Backup
– Operations controls ensure adequate backups of:
  – Data
  – Operating systems
  – Applications
  – Transactions
  – Configurations
  – Reports
– Backups must be tested
– Alternate site recovery plan
18
Fault Tolerance
– Hardware failure is planned for
– System recognizes a failure
– Automatic corrective action
– Standby systems
  – Cold – configured, not on, lost connections
  – Warm – On, some lost data or transactions (TRX)
  – Hot – ready – failover
19
RAID – Redundant Array of Independent Disks
– Hardware-based
– Software-based
– Hot spare
20
RAID Level 0
– Two or more disks
– No redundancy
– Performance only
21
RAID Level 1
– Exact copy (or mirror)
– Two or more disks
– Fault tolerant
– 200% cost
22
RAID Level 2
– Striping of data with error correcting codes (ECC)
– Requires more disks than RAID 3/4/5
– Not used, not commercially viable
23
RAID Level 3
– Byte level stripes
– 1 drive for parity
– All other drives are for data
24
RAID Level 4
– Block level stripes
– 1 drive for parity
– All other drives are for data
25
RAID Level 5
– Block level stripes
– Data and parity interleaved amongst all drives
– The most popular RAID implementation
26
RAID Level 6
– Block level stripes
– All drives used for data AND parity
– 2 parity types
– Higher cost
– More fault tolerant than RAID implementations 2 - 5
27
RAID Level 0+1
– Mirroring and striping
– Higher cost
– Higher speed
28
RAID Level 10
– Mirroring and striping
– Higher cost
– Higher speed
29
Redundant Array of Independent Tapes (RAIT)
– Using tapes not disk
– Real-time mirroring
30
Hot Spares
– Waiting for disaster
– Global
– Dedicated
31
Backup Types
– File image
– System image
– Data mirroring
– Electronic vaulting
– Remote journaling
– Database shadowing
– Redundant servers
– Standby services
32
System Recovery – Trusted Recovery
– Correct implementation
– Failures don’t compromise a system’s secure operation
33
Types of Trusted Recovery
– System reboot
– Emergency system restart
– System cold start
34
Fail Secure
– Cause little or no harm to personnel
– System remains secure
35
Operational Incident Handling
– First line of defense
– Logging, tracking and analysis of incidents
– Escalation and notification
36
Incident Response Team
– Benefits
  – Protection of assets
  – Profitability
  – Regulations
  – Avoiding downstream damage
  – Limit exposure
– Priorities
  – Life safety
  – Labeled data
  – Communication
  – Reduce disruption
37
Contingency Plans
– Business continuity plans and procedures
  – Power failure
  – System failure
  – Denial of service
  – Intrusions
  – Tampering
  – Communication
  – Production delay
  – I/O errors
38
Domain Agenda
– Resource Protection
– Continuity of Operations
– Change Control Management
– Privileged Entity Control
39
Change Control Management
– Business and technology balance
– Defines
  – Process of changes
  – Ownership of changes
– Changes are reviewed for impact on security
40
Change Control Committee Responsibilities
– Management
  – Business impact
  – Regulations
  – Risk management
  – Approval
  – Accreditation
– Technical
  – Request process
  – Functional impact
  – Access control
  – Testing
  – Rollback
  – Certification
41
Change Control Procedures
– Request
– Impact assessment
– Approval
– Build/test
– Implement
– Monitor
42
Configuration Management Elements
– Hardware inventory
– Hardware configuration chart
– Software
– Firmware
– Documentation requirements
– Testing
43
Patch Management
– Knowledge of patches
– Testing
– Deployment
– Zero-day challenges
44
Protection of Operational Files
– Library Maintenance
  – Backups
  – Source code
  – Object code
  – Configuration files
– Librarian
45
Domain Agenda
– Resource Protection
– Continuity of Operations
– Change Control Management
– Privileged Entity Control
46
Operator Privileges
– Data input and output
– Data maintenance
– Labeling
– Inventory
47
Administrator Privileges
– Systems administrators
– Network administrators
– Audit highly-privileged accounts
48
Security Administrator Privileges
– Security administration includes:
  – Policy
    – Development
    – Implementation
    – Maintenance and compliance
  – Vulnerability assessments
  – Incident response
49
Control Over Privileged Entities
– Review of access rights
– Supervision
– Monitoring/audit
50
Domain Summary
– Resource Protection
– Continuity of Operations
– Change Control Management
– Privileged Entity Control